14 matches found
EUVD-2017-3257
Malware in sbrugna...
EUVD-2017-3258
Malware in sbrugna...
CVE-2017-11647
NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 are vulnerable to stored cross-site scripting attacks. Creating an SSID with an XSS payload results in successful exploitation...
CVE-2017-11647
NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 are vulnerable to stored cross-site scripting attacks. Creating an SSID with an XSS payload results in successful exploitation...
CVE-2017-11645
NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 do not require authentication for logfile.html, status.html, or systemconfig.html...
Design/Logic Flaw
NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 do not require authentication for logfile.html, status.html, or systemconfig.html...
Cross site scripting
NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 are vulnerable to stored cross-site scripting attacks. Creating an SSID with an XSS payload results in successful exploitation...
Cross site request forgery (csrf)
NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 are vulnerable to CSRF attacks, as demonstrated by using administration.html to disable the firewall. They does not contain any token that can mitigate CSRF vulnerabilities within the device...
CVE-2017-11646
NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 are vulnerable to CSRF attacks, as demonstrated by using administration.html to disable the firewall. They does not contain any token that can mitigate CSRF vulnerabilities within the device...
CVE-2017-11647
NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 are vulnerable to stored cross-site scripting attacks. Creating an SSID with an XSS payload results in successful exploitation...
CVE-2017-11645
NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 do not require authentication for logfile.html, status.html, or systemconfig.html...
CVE-2017-11646
NetComm Wireless 4GT101W routers (Hardware 0.01, Software V1.1.8.8, Bootloader 1.1.3) are vulnerable to Cross-Site Request Forgery (CSRF) as detailed in CVE-2017-11646. The affected component is the device web interface; the root cause is the absence of CSRF protections/tokens in administration.h...
CVE-2017-11647
NetComm Wireless 4GT101W routers (Hardware 0.01 / Software 1.1.8.8 / Bootloader 1.1.3) are affected by CVE-2017-11647 due to a stored cross-site scripting vulnerability triggered by creating an SSID with an XSS payload. Exploitation involves injecting script via the SSID field, allowing script ex...
CVE-2017-11646
NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 are vulnerable to CSRF attacks, as demonstrated by using administration.html to disable the firewall. They does not contain any token that can mitigate CSRF vulnerabilities within the device...